From: Greg Kroah-Hartman Date: Tue, 17 Apr 2018 12:37:11 +0000 (+0200) Subject: 4.9-stable patches X-Git-Tag: v4.16.3~20 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cfc5f1ea6c7b1f16269773687310250df314af36;p=thirdparty%2Fkernel%2Fstable-queue.git 4.9-stable patches added patches: sunrpc-remove-incorrect-hmac-request-initialization.patch --- diff --git a/queue-4.9/series b/queue-4.9/series index 8c8f18e7223..2b0acb57570 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -48,3 +48,4 @@ arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch arm64-kill-psci_get_version-as-a-variant-2-workaround.patch +sunrpc-remove-incorrect-hmac-request-initialization.patch diff --git a/queue-4.9/sunrpc-remove-incorrect-hmac-request-initialization.patch b/queue-4.9/sunrpc-remove-incorrect-hmac-request-initialization.patch new file mode 100644 index 00000000000..e1a4ff2be63 --- /dev/null +++ b/queue-4.9/sunrpc-remove-incorrect-hmac-request-initialization.patch @@ -0,0 +1,55 @@ +From f3aefb6a7066e24bfea7fcf1b07907576de69d63 Mon Sep 17 00:00:00 2001 +From: Eric Biggers +Date: Wed, 28 Mar 2018 10:57:22 -0700 +Subject: sunrpc: remove incorrect HMAC request initialization + +From: Eric Biggers + +commit f3aefb6a7066e24bfea7fcf1b07907576de69d63 upstream. + +make_checksum_hmac_md5() is allocating an HMAC transform and doing +crypto API calls in the following order: + + crypto_ahash_init() + crypto_ahash_setkey() + crypto_ahash_digest() + +This is wrong because it makes no sense to init() the request before a +key has been set, given that the initial state depends on the key. And +digest() is short for init() + update() + final(), so in this case +there's no need to explicitly call init() at all. + +Before commit 9fa68f620041 ("crypto: hash - prevent using keyed hashes +without setting key") the extra init() had no real effect, at least for +the software HMAC implementation. (There are also hardware drivers that +implement HMAC-MD5, and it's not immediately obvious how gracefully they +handle init() before setkey().) But now the crypto API detects this +incorrect initialization and returns -ENOKEY. This is breaking NFS +mounts in some cases. + +Fix it by removing the incorrect call to crypto_ahash_init(). + +Reported-by: Michael Young +Fixes: 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key") +Fixes: fffdaef2eb4a ("gss_krb5: Add support for rc4-hmac encryption") +Cc: stable@vger.kernel.org +Signed-off-by: Eric Biggers +Signed-off-by: J. Bruce Fields +Signed-off-by: Greg Kroah-Hartman + +--- + net/sunrpc/auth_gss/gss_krb5_crypto.c | 3 --- + 1 file changed, 3 deletions(-) + +--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c ++++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c +@@ -237,9 +237,6 @@ make_checksum_hmac_md5(struct krb5_ctx * + + ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); + +- err = crypto_ahash_init(req); +- if (err) +- goto out; + err = crypto_ahash_setkey(hmac_md5, cksumkey, kctx->gk5e->keylength); + if (err) + goto out;